
two NICs - one for management, one for primary network...both vlan networks on a trunk. RDP does not work.

faeadagbee asked
Two NICs - one for management, one for primary network...both VLAN networks on a trunk. Having multiple gateways on Windows is frowned upon. We only need RDP to work on the management NIC. Currently, the primary network has the default gateway and the management NIC does not have a default gateway. All traffic is routed through the primary interface. This is the configuration on 13 virtual machines (VMware).
* I can tracert to the management IP of the domain controller
* I can ping other management IPs
* Currently we only have 2 other windows machines. However, they are only configured with one IP/NIC. The management network is configured with the NIC and these domain controllers are accessible via RDP.
* The server in question is accessible via RDP when I enter the management default gateway in the management TCP/IP properties. When I remove the default gateway, the machine is no longer accessible via RDP (outside of the management network). I'm trying to access the machine from our internal network (firewall is allowing RDP/SSH traffic). So....management default gateway in place? I can connect from my workstation.
No management default gateway in place? I can only RDP to the server from another VM inside the management network.

A lot of info...let me know what you think.

I assume you're trying to RDP to it from another machine that's on the management network? If not, you'd need a gateway on that interface to connect to it across VLANs.

This article mentions checking your NIC binding order. You might want to give that a shot



Great idea! I checked it out but that did not do the trick.
larry urban, DevOps Engineer

You will need a gateway on both NICs;

1) Add the gateway to the management network NIC.
2) Then go to the TCPIP advanced settings on that same NIC and set the Metric to 2.
3) Now go to the primary network's NIC and set the metric to 2.

This will cause the network traffic going out of your server to first try the primary gateway, if it does not find the route needed it will then try the management network. This also assures you do not mess up the route to the outside for the primary network.
What OS is the server? Depending on the OS it might call it different things, but you can go into the Remote Desktop Configuration, then go to Properties and click on Network adapters. By default it binds to all NIC's, but you can specify the specific one you want. Maybe it's getting confused.


I added the gateway and modified the metric on each NIC to 2. We'll see how that goes.

It's Server 2008 R2. I've been in Remote Desktop config and tried to create a connection per NIC, but that was unsuccessful. The only thing that has worked is adding the default gateway on the management NIC, which creates two gw's on the server.

Can you recommend a good doc on metric settings Todar?

Thanks guys.
I just realized I actually have some VM's with a public and private interface, so I may be able to test this. I'll get back with you in a bit and let you know if I see anything else we can do. It should work without setting a gateway on the 2nd interface.
DevOps Engineer
Sorry, my fault, I fat fingered it ...SET THE PRIMARY NETWORK TO 1 and Management to 2.


Ok Jason


Thanks Todar
So this just worked for me without a problem. Here's the configuration:

1 NIC with a public IP address (subnet mask, gateway, dns, etc)
2nd NIC with a private IP address ( 24 bit subnet mask, no gateway, no DNS or WINS)

A second machine set up the exact same way. I was playing with some clustering stuff on these but never got around to actually clustering them.

Windows Firewall is completely off.

If you go into the Network and Sharing Center the Public NIC (that gets out to the Internet) shows as a Domain Network connection with Internet access

The Private NIC says it's on an Unidentified network on the public network. (See attached screenshot)

These machines are on the same ESX Host (I'm actually testing it within vCloud) and I've created a port group that contains their secondary NIC's. So there's no routing involved.

If you're set up this way, then it's probably a function of the network that's getting in the way. Or antivirus, firewall, etc.

Considering it works when you plug in the gateway address, it's probably your network dropping the traffic. In that case you need to follow Todar's suggestions :)
larry urban, DevOps Engineer

Well, since we haven't heard back from you in 24 hours, I guess this fixed your issue?
Top Expert 2013

Not only are multiple gateways frowned on, they don't work on a Windows based machine. The concept is as described with priorities set by metrics, but what actually happens is the lower priority gateway is only used if the primary gateway fails/is not available. When that happens it switches to the next gateway as it should, however it will never switch back unless you do a reset or reboot the server. Basically the concept is flawed and thus not recommended. The only way to properly configure is with a default gateway on one NIC and static routes assigned to the other. Keep in mind if you add a static route from A to B, you have to install a matching static route on B pointing to A, either on each machine or on the router that is the default gateway for network B.